launchpd 1.0.0

package/src/utils/machineId.js

@@ -0,0 +1,28 @@
+import { createHash } from 'node:crypto';
+import { hostname, platform, arch, userInfo } from 'node:os';
+
+/**
+ * Generate a unique machine identifier based on system traits.
+ * Uses SHA-256 to hash a combination of hostname, platform, architecture, and username.
+ * This provides a persistent ID even if the IP address changes.
+ *
+ * @returns {string} Hex string of the machine ID hash
+ */
+export function getMachineId() {
+    try {
+        const parts = [
+            hostname(),
+            platform(),
+            arch(),
+            userInfo().username
+        ];
+
+        const rawId = parts.join('|');
+        return createHash('sha256').update(rawId).digest('hex');
+    } catch (err) {
+        // Fallback if userInfo() fails (e.g. restricted environments)
+        // Use a random ID for this session, better than crashing
+        console.warn('Could not generate stable machine ID:', err.message);
+        return 'unknown-device-' + Math.random().toString(36).substring(2);
+    }
+}

package/src/utils/metadata.js

@@ -0,0 +1,201 @@
+/**
+ * Metadata utilities for Launchpd CLI
+ * All operations now go through the API proxy
+ */
+
+import { config } from '../config.js';
+
+const API_BASE_URL = config.apiUrl;
+
+/**
+ * Get API key for requests
+ */
+function getApiKey() {
+    return process.env.STATICLAUNCH_API_KEY || 'public-beta-key';
+}
+
+/**
+ * Make an authenticated API request
+ */
+async function apiRequest(endpoint, options = {}) {
+    const url = `${API_BASE_URL}${endpoint}`;
+
+    const headers = {
+        'Content-Type': 'application/json',
+        'X-API-Key': getApiKey(),
+        ...options.headers,
+    };
+
+    try {
+        const response = await fetch(url, {
+            ...options,
+            headers,
+        });
+
+        const data = await response.json();
+
+        if (!response.ok) {
+            throw new Error(data.error || `API error: ${response.status}`);
+        }
+
+        return data;
+    } catch (err) {
+        if (err.message.includes('fetch failed') || err.message.includes('ENOTFOUND')) {
+            return null;
+        }
+        throw err;
+    }
+}
+
+/**
+ * Record a deployment to the API
+ * @param {string} subdomain - Deployed subdomain
+ * @param {string} folderPath - Original folder path
+ * @param {number} fileCount - Number of files deployed
+ * @param {number} totalBytes - Total bytes uploaded
+ * @param {number} version - Version number for this deployment
+ * @param {Date|null} expiresAt - Expiration date, or null for no expiration
+ */
+export async function recordDeployment(subdomain, folderPath, fileCount, totalBytes = 0, version = 1, expiresAt = null) {
+    const folderName = folderPath.split(/[\\/]/).pop() || 'unknown';
+
+    return apiRequest('/api/deployments', {
+        method: 'POST',
+        body: JSON.stringify({
+            subdomain,
+            folderName,
+            fileCount,
+            totalBytes,
+            version,
+            cliVersion: config.version,
+            expiresAt: expiresAt?.toISOString() || null,
+        }),
+    });
+}
+
+/**
+ * List all deployments for the current user
+ * @returns {Promise<Array>} Array of deployment records
+ */
+export async function listDeploymentsFromR2() {
+    const result = await apiRequest('/api/deployments');
+    return result?.deployments || [];
+}
+
+/**
+ * Get the next version number for a subdomain
+ * @param {string} subdomain - The subdomain to check
+ * @returns {Promise<number>} Next version number
+ */
+export async function getNextVersion(subdomain) {
+    const result = await apiRequest(`/api/versions/${subdomain}`);
+
+    if (!result || !result.versions || result.versions.length === 0) {
+        return 1;
+    }
+
+    const maxVersion = Math.max(...result.versions.map(v => v.version));
+    return maxVersion + 1;
+}
+
+/**
+ * Get all versions for a specific subdomain
+ * @param {string} subdomain - The subdomain to get versions for
+ * @returns {Promise<Array>} Array of deployment versions
+ */
+export async function getVersionsForSubdomain(subdomain) {
+    const result = await apiRequest(`/api/versions/${subdomain}`);
+    return result?.versions || [];
+}
+
+/**
+ * Set the active version for a subdomain (rollback)
+ * @param {string} subdomain - The subdomain
+ * @param {number} version - Version to make active
+ */
+export async function setActiveVersion(subdomain, version) {
+    return apiRequest(`/api/versions/${subdomain}/rollback`, {
+        method: 'PUT',
+        body: JSON.stringify({ version }),
+    });
+}
+
+/**
+ * Get the active version for a subdomain
+ * @param {string} subdomain - The subdomain
+ * @returns {Promise<number>} Active version number
+ */
+export async function getActiveVersion(subdomain) {
+    const result = await apiRequest(`/api/versions/${subdomain}`);
+    return result?.activeVersion || 1;
+}
+
+/**
+ * Copy files from one version to another (for rollback)
+ * Note: This is now handled server-side by the API
+ * @param {string} subdomain - The subdomain
+ * @param {number} fromVersion - Source version
+ * @param {number} toVersion - Target version
+ */
+export async function copyVersionFiles(subdomain, fromVersion, toVersion) {
+    // Rollback is now handled by setActiveVersion - no need to copy files
+    // The worker serves files from the specified version directly
+    return { fromVersion, toVersion, note: 'Handled by API' };
+}
+
+/**
+ * List all files for a specific version
+ * @param {string} subdomain - The subdomain
+ * @param {number} version - Version number
+ * @returns {Promise<Array>} Array of file info
+ */
+export async function listVersionFiles(subdomain, version) {
+    const result = await apiRequest(`/api/deployments/${subdomain}`);
+
+    if (!result || !result.versions) {
+        return [];
+    }
+
+    const versionInfo = result.versions.find(v => v.version === version);
+    return versionInfo ? [{ version, fileCount: versionInfo.file_count, totalBytes: versionInfo.total_bytes }] : [];
+}
+
+/**
+ * Delete all files for a subdomain (all versions)
+ * Note: This should be an admin operation, not available to CLI users
+ * @param {string} _subdomain - The subdomain to delete
+ */
+export async function deleteSubdomain(_subdomain) {
+    // This operation is not available in the consumer CLI
+    // It should be handled through the admin dashboard or worker
+    throw new Error('Subdomain deletion is not available in the CLI. Contact support.');
+}
+
+/**
+ * Get all expired deployments
+ * Note: Cleanup is handled server-side automatically
+ * @returns {Promise<Array>} Array of expired deployment records
+ */
+export async function getExpiredDeployments() {
+    // Expiration cleanup is handled server-side
+    return [];
+}
+
+/**
+ * Remove deployment records for a subdomain from metadata
+ * Note: This should be an admin operation
+ * @param {string} _subdomain - The subdomain to remove
+ */
+export async function removeDeploymentRecords(_subdomain) {
+    throw new Error('Deployment record removal is not available in the CLI. Contact support.');
+}
+
+/**
+ * Clean up all expired deployments
+ * Note: This is now handled automatically by the worker
+ * @returns {Promise<{cleaned: string[], errors: string[]}>}
+ */
+export async function cleanupExpiredDeployments() {
+    // Cleanup is handled server-side automatically
+    return { cleaned: [], errors: [], note: 'Handled automatically by server' };
+}

package/src/utils/prompt.js

@@ -0,0 +1,87 @@
+
+import { createInterface, emitKeypressEvents } from 'node:readline';
+
+/**
+ * Prompt for user input
+ */
+export function prompt(question) {
+    const rl = createInterface({
+        input: process.stdin,
+        output: process.stdout,
+    });
+
+    return new Promise((resolve) => {
+        rl.question(question, (answer) => {
+            rl.close();
+            resolve(answer.trim());
+        });
+    });
+}
+
+/**
+ * Prompt for secret user input (masks with *)
+ */
+export function promptSecret(question) {
+    return new Promise((resolve) => {
+        const { stdin, stdout } = process;
+
+        stdout.write(question);
+
+        // Prepare stdin
+        if (stdin.isTTY) {
+            stdin.setRawMode(true);
+        }
+        stdin.resume();
+        stdin.setEncoding('utf8');
+
+        // Enable keypress events
+        emitKeypressEvents(stdin);
+
+        let secret = '';
+
+        const handler = (str, key) => {
+            key = key || {};
+
+            // Check for Ctrl+C
+            if (key.ctrl && key.name === 'c') {
+                cleanup();
+                stdout.write('\n'); // Newline before exit
+                process.exit();
+            }
+
+            // Check for Enter
+            if (key.name === 'return' || key.name === 'enter') {
+                cleanup();
+                stdout.write('\n');
+                resolve(secret.trim());
+                return;
+            }
+
+            // Check for Backspace
+            if (key.name === 'backspace') {
+                if (secret.length > 0) {
+                    secret = secret.slice(0, -1);
+                    // Move cursor back, overwrite with space, move back again
+                    stdout.write('\b \b');
+                }
+                return;
+            }
+
+            // Printable characters (exclude control keys)
+            if (str && str.length === 1 && str.match(/[ -~]/) && !key.ctrl && !key.meta) {
+                secret += str;
+                stdout.write('*');
+            }
+        };
+
+        function cleanup() {
+            if (stdin.isTTY) {
+                stdin.setRawMode(false);
+            }
+            stdin.pause();
+            stdin.removeListener('keypress', handler);
+        }
+
+        stdin.on('keypress', handler);
+    });
+}

package/src/utils/quota.js

@@ -0,0 +1,231 @@
+/**
+ * Quota checking for StaticLaunch CLI
+ * Validates user can deploy before uploading
+ */
+
+import { config } from '../config.js';
+import { getCredentials, getClientToken } from './credentials.js';
+import { warning, error, info } from './logger.js';
+
+const API_BASE_URL = `https://api.${config.domain}`;
+
+/**
+ * Check quota before deployment
+ * Returns quota info and whether deployment is allowed
+ *
+ * @param {string} subdomain - Target subdomain (null for new site)
+ * @param {number} estimatedBytes - Estimated upload size in bytes
+ * @returns {Promise<{allowed: boolean, isNewSite: boolean, quota: object, warnings: string[]}>}
+ */
+export async function checkQuota(subdomain, estimatedBytes = 0) {
+    const creds = await getCredentials();
+
+    let quotaData;
+
+    if (creds?.apiKey) {
+        // Authenticated user
+        quotaData = await checkAuthenticatedQuota(creds.apiKey);
+    } else {
+        // Anonymous user
+        quotaData = await checkAnonymousQuota();
+    }
+
+    if (!quotaData) {
+        // API unavailable, allow deployment (fail-open for MVP)
+        return {
+            allowed: true,
+            isNewSite: true,
+            quota: null,
+            warnings: ['⚠️ Could not verify quota (API unavailable)'],
+        };
+    }
+
+    // Check if this is an existing site the user owns
+    const isNewSite = subdomain ? !await userOwnsSite(creds?.apiKey, subdomain) : true;
+
+    const warnings = [...(quotaData.warnings || [])];
+    const allowed = true;
+
+    // Check if blocked (anonymous limit reached)
+    if (quotaData.blocked) {
+        console.log(quotaData.upgradeMessage);
+        return {
+            allowed: false,
+            isNewSite,
+            quota: quotaData,
+            warnings: [],
+        };
+    }
+
+    // Check site limit for new sites
+    if (isNewSite && !quotaData.canCreateNewSite) {
+        error(`Site limit reached (${quotaData.limits.maxSites} sites)`);
+        if (!creds?.apiKey) {
+            showUpgradePrompt();
+        } else {
+            info('Upgrade to Pro for more sites, or delete an existing site');
+        }
+        return {
+            allowed: false,
+            isNewSite,
+            quota: quotaData,
+            warnings,
+        };
+    }
+
+    // Check storage limit
+    const storageAfter = (quotaData.usage?.storageUsed || 0) + estimatedBytes;
+    if (storageAfter > quotaData.limits.maxStorageBytes) {
+        const overBy = storageAfter - quotaData.limits.maxStorageBytes;
+        error(`Storage limit exceeded by ${formatBytes(overBy)}`);
+        error(`Current: ${formatBytes(quotaData.usage.storageUsed)} / ${formatBytes(quotaData.limits.maxStorageBytes)}`);
+        if (!creds?.apiKey) {
+            showUpgradePrompt();
+        } else {
+            info('Upgrade to Pro for more storage, or delete old deployments');
+        }
+        return {
+            allowed: false,
+            isNewSite,
+            quota: quotaData,
+            warnings,
+        };
+    }
+
+    // Add storage warning if close to limit
+    const storagePercentage = storageAfter / quotaData.limits.maxStorageBytes;
+    if (storagePercentage > 0.8) {
+        warnings.push(`⚠️ Storage ${Math.round(storagePercentage * 100)}% used (${formatBytes(storageAfter)} / ${formatBytes(quotaData.limits.maxStorageBytes)})`);
+    }
+
+    // Add site count warning if close to limit
+    if (isNewSite) {
+        const sitesAfter = (quotaData.usage?.siteCount || 0) + 1;
+        const sitePercentage = sitesAfter / quotaData.limits.maxSites;
+        if (sitePercentage > 0.8) {
+            warnings.push(`⚠️ ${quotaData.limits.maxSites - sitesAfter} site(s) remaining after this deploy`);
+        }
+    }
+
+    return {
+        allowed,
+        isNewSite,
+        quota: quotaData,
+        warnings,
+    };
+}
+
+/**
+ * Check quota for authenticated user
+ */
+async function checkAuthenticatedQuota(apiKey) {
+    try {
+        const response = await fetch(`${API_BASE_URL}/api/quota`, {
+            headers: {
+                'X-API-Key': apiKey,
+            },
+        });
+
+        if (!response.ok) {
+            return null;
+        }
+
+        return await response.json();
+    } catch {
+        return null;
+    }
+}
+
+/**
+ * Check quota for anonymous user
+ */
+async function checkAnonymousQuota() {
+    try {
+        const clientToken = await getClientToken();
+
+        const response = await fetch(`${API_BASE_URL}/api/quota/anonymous`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+            },
+            body: JSON.stringify({
+                clientToken,
+            }),
+        });
+
+        if (!response.ok) {
+            return null;
+        }
+
+        return await response.json();
+    } catch {
+        return null;
+    }
+}
+
+/**
+ * Check if user owns a subdomain
+ */
+async function userOwnsSite(apiKey, subdomain) {
+    if (!apiKey) {
+        // For anonymous, we track by client token in deployments
+        return false;
+    }
+
+    try {
+        const response = await fetch(`${API_BASE_URL}/api/subdomains`, {
+            headers: {
+                'X-API-Key': apiKey,
+            },
+        });
+
+        if (!response.ok) {
+            return false;
+        }
+
+        const data = await response.json();
+        return data.subdomains?.some(s => s.subdomain === subdomain) || false;
+    } catch {
+        return false;
+    }
+}
+
+/**
+ * Show upgrade prompt for anonymous users
+ */
+function showUpgradePrompt() {
+    console.log('');
+    console.log('╔══════════════════════════════════════════════════════════════╗');
+    console.log('║  Upgrade to Launchpd Free Tier                               ║');
+    console.log('╠══════════════════════════════════════════════════════════════╣');
+    console.log('║  Register for FREE to unlock:                                ║');
+    console.log('║    → 10 sites (instead of 3)                                 ║');
+    console.log('║    → 100MB storage (instead of 50MB)                         ║');
+    console.log('║    → 30-day retention (instead of 7 days)                    ║');
+    console.log('║    → 10 version history per site                             ║');
+    console.log('╠══════════════════════════════════════════════════════════════╣');
+    console.log('║  Run: launchpd register                                      ║');
+    console.log('╚══════════════════════════════════════════════════════════════╝');
+    console.log('');
+}
+
+/**
+ * Display quota warnings
+ */
+export function displayQuotaWarnings(warnings) {
+    if (warnings && warnings.length > 0) {
+        console.log('');
+        warnings.forEach(w => warning(w));
+    }
+}
+
+/**
+ * Format bytes to human readable
+ */
+export function formatBytes(bytes) {
+    if (bytes === 0) return '0 B';
+    const k = 1024;
+    const sizes = ['B', 'KB', 'MB', 'GB', 'TB'];
+    const i = Math.floor(Math.log(bytes) / Math.log(k));
+    return `${parseFloat((bytes / Math.pow(k, i)).toFixed(2))} ${sizes[i]}`;
+}